http://lists.freebsd.org/pipermail/freebsd-current/2012-June/034515.html.
FreeBSD still defaults to MD5 password hashes that are known to be insecure now, consider changing the default to SHA512 as suggested in the mailing list thread I linked.
You need to update the /etc/login.conf.db with cap_mkdb(8) after editing /etc/login.conf.
Existing password hashes are changed to SHA512 the next time the password is changed with passwd(1). New users created after this change will have SHA512 password hashes automatically.
FreeBSD still defaults to MD5 password hashes that are known to be insecure now, consider changing the default to SHA512 as suggested in the mailing list thread I linked.
You need to update the /etc/login.conf.db with cap_mkdb(8) after editing /etc/login.conf.
# $EDITOR /etc/login.conf
Code:
...
default:\
:passwd_format=sha512:\
...
# cap_mkdb /etc/login.conf
Existing password hashes are changed to SHA512 the next time the password is changed with passwd(1). New users created after this change will have SHA512 password hashes automatically.